Just one more reason not to use the same password across multiple sites. :rolleyes:

December 14th, 2010, 05:56 PM

HYBR|D

Gawker uses a really outdated hashing algorithm known as DES (Data Encryption Standard).
Because DES has a maximum of 8chars using a password like "abcdefgh1234" only the first 8 characters "abcdefgh" are encrypted and stored in the database. If your password is longer than 8 characters you only need to enter the first 8 characters to log in!

I'll be making a fresh thread with a ton of info shortly

December 14th, 2010, 06:07 PM

HYBR|D

Quote:

Originally Posted by westin

Just one more reason not to use the same password across multiple sites. :rolleyes:

You think that's silly, i'm still giggling at the amount of users that actually used "password" for there login, and used "password" onto other site's attached to there e-mail. :eek:

December 14th, 2010, 06:48 PM

metguru

Hahaha thats great. Where did you get that list? I was looking for the list, as thats a nice large amount of data to run some of my own statistics on.

December 14th, 2010, 07:32 PM

HYBR|D

I've got a copy of the leaked DB, and a heap of other things that arrived in my e-mail a few days ago. :)